perkiset

Occasionally I have slowdowns on some of my

mac

 hines and have a difficult time ascertaining the source... I know that

net

 stat -a is one of the tools to figure it out but do not understand how to read what I am looking at... anyone here got a quick-and-dirty on how to use that tool to see if I have a bogart on my pipe?

TIA,
/p

vsloathe

I've never used the

linux

  version, but in Windows it just shows inbound and outbound connections and upon which ports they are. I just look for rogues, but then in general I pride myself on having a very good knowledge of what *should* be there. You see some mysterious process connecting on a weird UDP port in the ether regions of 5-digitness, look up what it is and what it might be doing.

perkiset

Do you know if I can use it (or what is the right tool) to diagnose where

net

 work traffic might be coming from? I have a scanner running on a private

net

 work showing me overall traffic, but cannot seem to pinpoint what process/port/

mac

 hine is beating up on the

net

  intermittently...

Thanks BTW

vsloathe

Once again, without looking at the *nix

net

 stat command, under Windows it shows you the IP or CName of the host to which any connection is going. Might not be the case with the *nix

net

 stat command, but I will do some digging to try to find out what can get you that info.

vsloathe

OK, yeah I looked it up and for all intents and purposes, they are identical (*nix vs. Win32

net

 stat).

If I may offer some advice: Close all programs that have any connections going outbound or coming inbound from the

mac

 hine in question (AIM clients, email clients, web browsers, et al [obviously something you can figure out, I'm trying to be patronizing for the sake of future readers]), &'

;net

 stat -a' from the console and take a look at what's going on. Aside from the usual broadcasts to *.* and the odd DNS packet here or there, you shoudln't see much. Take a look at the host names or IPs of your connections. If you're looking to monitor all your

net

 work's activity from one

mac

 hine, obviously a packet sniffer is better suited (in promiscuous mode, of course).

perkiset

quote author=vsloathe link=topic=827.msg5689#msg5689 date=1205256440

OK, yeah I looked it up and for all intents and purposes, they are identical (*nix vs. Win32

net

 stat).

If I may offer some advice: Close all programs that have any connections going outbound or coming inbound from the

mac

 hine in question (AIM clients, email clients, web browsers, et al [obviously something you can figure out, I'm trying to be patronizing for the sake of future readers]), &'

;net

 stat -a' from the console and take a look at what's going on.

Have done exactly that... there must be a daemon running somewhere, because as far as I can tell I have nothing active. the only thing that has changed is that I have a new TimeCapsule appliance on my

net

 , but nothing seems to be connecting to it... so I am thus far sort of lost... but will post if I get some new info.

thanks again VS

thedarkness

netstat -lpn
tcpdump
iptraf

Cheers,
td

[edit] Sorry, I should elaborate but I'm whipped and about to turn in. I think IP traf is the one you want if the traffic is flowing "through" the

mac

 hine you are running it on. ping me in about 8 hours if you want to rap perk. Nite all  Applause

perkiset

Gnight lad, thanks for the thoughts. Talk to you in 8.

/p


Perkiset's Place Home   Politics @ Perkiset's